Before we get started have a look here for an overview of the terminology used in WVD.

Intro

There are a few preliminary steps required before you can go to the Azure portal and deploy your WVD host pool from the Azure Marketplace.

First we need to create a tenant in the Windows Virtual Desktop service

Then we need to create a service principal in Azure AD and give it a role assignment

Once this is done we can deploy our host pool from the Azure Marketplace

Create Tenant

We need to grant permissions to WVD to query our Azure Active Directory and perform administrative and end-user tasks.

Make sure you are a global admin within AAD and have the AAD tenant ID and subscription ID handy.
Also keep or save any PowerShell outputs, secrets, app IDs, names etc. as you will need them later in the deployment process.

After the 2 WVD applications have been created in AAD we need to assign someone the TenantCreator Application Role in AAD. The TenantCreator application role allows that user to create a new WVD tenant associated with AAD. Open the Azure portal, go to AAD, select Enterprise Applications and search for Windows Virtual Desktop.
Select users and groups (you will already see one user listed but that is not enough), click add user. Select the user you want and give him the TenantCreator role.

You can’t select a group or a service principal at this stage. You can only select users for the TenantCreator role.

Now that we have given the WVD service the necessary permissions to query AAD we can start creating our WVD tenant. This needs to be done in PowerShell with the WVD Module

5 Log in to WVD with a user that has the TenantCreator role

Add-RdsAccount -DeploymentUrl "https://rdbroker.wvd.microsoft.com"

6 Create a new WVD tenant and replace the tenantname, AAD ID and subscriptionID with your details.

Create a Service Principal

Next we need to create a Service Principal in AAD. This service principal will be used in WVD to perform WVD management tasks and will be used as credentials when deploying ARM templates for WVD where users are required to use MFA.
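
The tenant creation from step 6 and the service principal described above, as an added PowerShell example (not the original author's commands). It assumes the Microsoft.RDInfra.RDPowerShell and AzureAD modules are installed; the display name and the angle-bracket values are placeholders.

```powershell
# Added example. Replace the angle-bracket placeholders with your own values.
$tenantName     = "<your-wvd-tenant-name>"
$aadTenantId    = "<your-AAD-tenant-ID>"
$subscriptionId = "<your-subscription-ID>"

Import-Module -Name Microsoft.RDInfra.RDPowerShell
Import-Module -Name AzureAD

# Step 6: sign in as the user holding the TenantCreator role and create the tenant.
Add-RdsAccount -DeploymentUrl "https://rdbroker.wvd.microsoft.com"
New-RdsTenant -Name $tenantName -AadTenantId $aadTenantId -AzureSubscriptionId $subscriptionId

# Create the AAD application that serves as the service principal, plus a secret.
# The display name is illustrative.
Connect-AzureAD -TenantId $aadTenantId | Out-Null
$svcPrincipal = New-AzureADApplication -AvailableToOtherTenants $true `
    -DisplayName "Windows Virtual Desktop Svc Principal"
$svcPrincipalCreds = New-AzureADApplicationPasswordCredential -ObjectId $svcPrincipal.ObjectId

# Grant the service principal rights on this one WVD tenant only.
New-RdsRoleAssignment -RoleDefinitionName "RDS Owner" `
    -ApplicationId $svcPrincipal.AppId -TenantName $tenantName

# Check: sign in to WVD as the service principal and confirm it can see the tenant.
$secret = ConvertTo-SecureString $svcPrincipalCreds.Value -AsPlainText -Force
$creds  = New-Object System.Management.Automation.PSCredential($svcPrincipal.AppId, $secret)
Add-RdsAccount -DeploymentUrl "https://rdbroker.wvd.microsoft.com" `
    -Credential $creds -ServicePrincipal -AadTenantId $aadTenantId
Get-RdsTenant -Name $tenantName

# The three values the Marketplace tenant blade asks for later.
[pscustomobject]@{
    ApplicationId = $svcPrincipal.AppId
    AadTenantId   = $aadTenantId
    AppSecret     = $svcPrincipalCreds.Value
} | Format-List
```

The secret value is only returned when the credential is created, so store it in a password vault rather than in a script or a saved transcript.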

Deploy a host pool from Azure Marketplace

In the Basics blade select the subscription and resource group you want to use. Provide the name of the host pool (this will be the name the end users will see from the Remote Web Client) and choose if you want the desktops to be pooled or personal.

3 Configure Virtual Machines

Accept the default or customize the number and size of the VMs you want to deploy. For my PoC I changed it to 1 machine. Provide a prefix for the names of the virtual machines and select OK.

The prefix you specified earlier for the VMs will also be used to name the underlying resources like the NIC, disk etc. If those names don’t comply with your internal naming convention you will need to modify the WVD templates.

4 Virtual Machines Settings

Select the Image source and specify a UPN and password for the domain join. Make sure to select a VNET and a subnet that have access to your domain controller as the machines will automatically be joined to your domain.

5 Windows Virtual Desktop tenant Information

In the tenant blade we need to provide information regarding our WVD tenant we created earlier in PowerShell. Make sure to select Service principal and provide the application ID, Tenant ID and for password provide the App Secret that was created earlier.

6 Complete setup

On the summary blade review your setup and click create.

Wait for the deployment to complete and you will then be able to log in to your virtual desktop using the web client, for example.

Conclusion

As you can see we have quite a few preliminary steps we need to execute before deploying our WVD host pool. Make sure to keep the app IDs, secrets etc. close by as you will need them during deployment.